You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
roundcubemail/program/steps/settings/upload.inc

143 lines
5.3 KiB
PHP

<?php
/**
+-----------------------------------------------------------------------+
| This file is part of the Roundcube Webmail client |
| |
| Copyright (C) The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
| See the README file for a full license statement. |
| |
| PURPOSE: |
| Handles image uploads |
+-----------------------------------------------------------------------+
| Author: Aleksander Machniak <alec@alec.pl> |
+-----------------------------------------------------------------------+
*/
$from = rcube_utils::get_input_value('_from', rcube_utils::INPUT_GET);
$type = preg_replace('/(add|edit)-/', '', $from);
// Plugins in Settings may use this file for some uploads (#5694)
// Make sure it does not contain a dot, which is a special character
// when using rcube_session::append() below
$type = str_replace('.', '-', $type);
if ($RCMAIL->action == 'upload-display') {
$id = 'undefined';
if (preg_match('/^rcmfile(\w+)$/', $_GET['_file'], $regs)) {
$id = $regs[1];
}
$RCMAIL->display_uploaded_file($_SESSION[$type]['files'][$id]);
exit;
}
// Supported image format types
$IMAGE_TYPES = explode(',', 'jpeg,jpg,jp2,tiff,tif,bmp,eps,gif,png,png8,png24,png32,svg,ico');
// clear all stored output properties (like scripts and env vars)
$OUTPUT->reset();
$max_size = $RCMAIL->config->get($type . '_image_size', 64) * 1024;
$post_size = $RCMAIL->show_bytes(rcube_utils::max_upload_size());
$uploadid = rcube_utils::get_input_value('_uploadid', rcube_utils::INPUT_GET);
if (is_array($_FILES['_file']['tmp_name'])) {
$multiple = count($_FILES['_file']['tmp_name']) > 1;
foreach ($_FILES['_file']['tmp_name'] as $i => $filepath) {
// Process uploaded attachment if there is no error
$err = $_FILES['_file']['error'][$i];
if (!$err) {
if ($max_size < $_FILES['_file']['size'][$i]) {
$err = 'size_error';
}
// check image file type
else {
$image = new rcube_image($filepath);
$imageprop = $image->props();
if (!in_array(strtolower($imageprop['type']), $IMAGE_TYPES)) {
$err = 'type_error';
}
}
}
// save uploaded image in storage backend
if (!$err) {
$attachment = $RCMAIL->plugins->exec_hook('attachment_upload', array(
'path' => $filepath,
'size' => $_FILES['_file']['size'][$i],
'name' => $_FILES['_file']['name'][$i],
'mimetype' => 'image/' . $imageprop['type'],
'group' => $type,
));
}
if (!$err && $attachment['status'] && !$attachment['abort']) {
$id = $attachment['id'];
// store new file in session
unset($attachment['status'], $attachment['abort']);
$RCMAIL->session->append($type . '.files', $id, $attachment);
$content = rcube::Q($attachment['name']);
$OUTPUT->command('add2attachment_list', "rcmfile$id", array(
'html' => $content,
'name' => $attachment['name'],
'mimetype' => $attachment['mimetype'],
'classname' => rcube_utils::file2class($attachment['mimetype'], $attachment['name']),
'complete' => true
),
$uploadid
);
}
else {
if ($err == 'type_error') {
$msg = $RCMAIL->gettext('invalidimageformat');
}
else if ($err == 'size_error') {
$msg = $RCMAIL->gettext(array('name' => 'filesizeerror', 'vars' => array('size' => $max_size)));
}
else if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE) {
$msg = $RCMAIL->gettext(array('name' => 'filesizeerror', 'vars' => array('size' => $post_size)));
}
else if ($attachment['error']) {
$msg = $attachment['error'];
}
else {
$msg = $RCMAIL->gettext('fileuploaderror');
}
$OUTPUT->command('display_message', $msg, 'error');
}
}
}
else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// if filesize exceeds post_max_size then $_FILES array is empty,
// show filesizeerror instead of fileuploaderror
if ($maxsize = ini_get('post_max_size')) {
$msg = $RCMAIL->gettext(array(
'name' => 'filesizeerror',
'vars' => array('size' => $RCMAIL->show_bytes(parse_bytes($maxsize)))
));
}
else {
$msg = $RCMAIL->gettext('fileuploaderror');
}
$OUTPUT->command('display_message', $msg, 'error');
$OUTPUT->command('remove_from_attachment_list', $uploadid);
}
$OUTPUT->send('iframe');